| NetBus | NetBus is one of the most popular backdoor servers, or RATs, used by crackers and script kiddies today. It has probably been overtaken in popularity and functionality by Back Orifice and SubSeven. |
| Network Address Translation (NAT) | Network address translation is a procedure by which the firewall can alter the data in packets to change the network address. This can serve several purposes:
* it allows a large number of internal hosts to connect to the Internet using a small number of IP addresses (thus conserving a limited resource)
* it can help enforce the firewall's control over outbound traffic since the internal host will need to obtain a valid address from the firewall before its connection to the Internet will work
* it prevents the true IP addresses from reaching the Internet; thus providing a small degree of additional security
* dynamic NAT can provide additional defence against incoming attacks since the attacker has to work within the time constraints of the current session. |
| NFS and NIS attacks | Network File System (NFS) is a protocol designed by Sun Microsystems that allows a computer on a network to use the files and peripherals of another networked computer as if they were local.
NFS allows systems to share files over a network by letting a client mount a disk on a remote server machine. NIS maintains a distributed database of password tables, group files, host tables, and other information that systems on a network can share. These services should always be protected by a firewall.
Without protection, an attacker may be able to NFS-mount your filesystems. Client machines are allowed to read and change files stored on the server without logging into the server or entering a password - and since NFS doesn't log transactions, you may not even know about it.
An attacker who can guess the name of your NIS domain and can send a NIS request to your NIS server can get a copy of your password information (including encrypted passwords), even if you are running shadow passwords and the passwords are not in the /etc/passwd file. The attacker is then free to crack your passwords at leisure. |
Powered by